github/cordova-android
github/cordova-android
3
0
Fork 1
mirror of https://github.com/apache/cordova-android.git synced 2024-10-06 17:42:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

CB-2099: Android Whitelisting now blocks images and JS with an empty response

Browse Source
This commit is contained in:
Joe Bowser 2013-03-06 14:56:27 -08:00
parent 7cc8fd7e87
commit 409b9af398
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
framework/src/org/apache/cordova/CordovaWebViewClient.java
View File

@ -18,6 +18,7 @@
*/
package org.apache.cordova;
import java.io.ByteArrayInputStream;
import java.util.Hashtable;
import org.apache.cordova.api.CordovaInterface;
@ -220,12 +221,25 @@ public class CordovaWebViewClient extends WebViewClient {
*/
@Override
public WebResourceResponse shouldInterceptRequest(WebView view, String url) {
//If something isn't whitelisted, just send a blank response
if(!Config.isUrlWhiteListed(url))
{
return getWhitelistResponse();
}
if (this.appView.pluginManager != null) {
return this.appView.pluginManager.shouldInterceptRequest(url);
}
return null;
}
private WebResourceResponse getWhitelistResponse()
{
WebResourceResponse emptyResponse;
String empty = "";
ByteArrayInputStream data = new ByteArrayInputStream(empty.getBytes());
return new WebResourceResponse("text/plain", "UTF-8", data);
}
/**
* On received http auth request.
* The method reacts on all registered authentication tokens. There is one and only one authentication token for any host + realm combination